couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Anderson (JIRA)" <>
Subject [jira] Commented: (COUCHDB-615) Role, ACL and Ownership Checks
Date Thu, 07 Jan 2010 16:56:53 GMT


Chris Anderson commented on COUCHDB-615:

We already have this, in the sense that replication uses the normal HTTP API. So if a user
is not and admin, they will not be able to replicate _design documents to the target. 

Similarly, if the target has a validation function that says all docs must have a foo field,
than any docs that are missing a foo field will not be replicated.

Because CouchDB has not read-authorization model, there isn't the same thing for reads. When
we add the ability to control read-access to databases, users will only be able to replicate
from databases they can read.

> Role, ACL and Ownership Checks
> ------------------------------
>                 Key: COUCHDB-615
>                 URL:
>             Project: CouchDB
>          Issue Type: New Feature
>         Environment: Ubuntu 9.10 64bit
>            Reporter: Alexander Trauzzi
> It would be nice if CouchDB had a comprehensive offering for varying levels of access
to documents and databases.
> Here are some ideas:
> o User lists are stored in the database, per database.
> o Roles and role membership are stored in the database, per database.
> o ACLs are stored in the database, per database.
> o CouchDB can use ACLs to store and simplify permissions for internal functionality (manage
the db, manage users, add roles, add users to roles, etc...)
> o CouchApps can take advantage of the ACLs to support login/logout and arbitrary business
rules as needed.
> o A simple API can be made to conduct role, ACL and ownership checks.
> I suppose there is some theory and discussion behind determining whether users, roles
or both are stored in ACL rules.  Also, something worth discussing is whether the checks are
automatically performed by couchdb, or if views are to be performing checks prior to emitting
data.  Or both...
> Building all this into CouchDB would mean that it has a mechanism for complex applications
to be developed.  Ones that mandate privacy and other visibility concerns.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message